[PATCH] dm verity: add support for signature verification with platform keyring

Thu Jul 4 09:12:25 UTC 2024

On Mon, 17 Jun 2024 at 23:00, <luca.boccassi at gmail.com> wrote:
>
> From: Luca Boccassi <bluca at debian.org>
>
> Add a new configuration CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_PLATFORM_KEYRING
> that enables verifying dm-verity signatures using the platform keyring,
> which is populated using the UEFI DB certificates. This is useful for
> self-enrolled systems that do not use MOK, as the secondary keyring which
> is already used for verification, if the relevant kconfig is enabled, is
> linked to the machine keyring, which gets its certificates loaded from MOK.
> On datacenter/virtual/cloud deployments it is more common to deploy one's
> own certificate chain directly in DB on first boot in unattended mode,
> rather than relying on MOK, as the latter typically requires interactive
> authentication to enroll, and is more suited for personal machines.
>
> Default to the same value as DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING
> if not otherwise specified, as it is likely that if one wants to use
> MOK certificates to verify dm-verity volumes, DB certificates are
> going to be used too. Keys in DB are allowed to load a full kernel
> already anyway, so they are already highly privileged.
>
> Signed-off-by: Luca Boccassi <bluca at debian.org>
> ---
>  drivers/md/Kconfig                | 10 ++++++++++
>  drivers/md/dm-verity-verify-sig.c |  7 +++++++
>  2 files changed, 17 insertions(+)
>
> diff --git a/drivers/md/Kconfig b/drivers/md/Kconfig
> index 35b1080752cd..1e9db8e4acdf 100644
> --- a/drivers/md/Kconfig
> +++ b/drivers/md/Kconfig
> @@ -540,6 +540,16 @@ config DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING
>
>           If unsure, say N.
>
> +config DM_VERITY_VERIFY_ROOTHASH_SIG_PLATFORM_KEYRING
> +       bool "Verity data device root hash signature verification with platform keyring"
> +       default DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING
> +       depends on DM_VERITY_VERIFY_ROOTHASH_SIG
> +       depends on INTEGRITY_PLATFORM_KEYRING
> +       help
> +         Rely also on the platform keyring to verify dm-verity signatures.
> +
> +         If unsure, say N.
> +
>  config DM_VERITY_FEC
>         bool "Verity forward error correction support"
>         depends on DM_VERITY
> diff --git a/drivers/md/dm-verity-verify-sig.c b/drivers/md/dm-verity-verify-sig.c
> index 4836508ea50c..d351d7d39c60 100644
> --- a/drivers/md/dm-verity-verify-sig.c
> +++ b/drivers/md/dm-verity-verify-sig.c
> @@ -126,6 +126,13 @@ int verity_verify_root_hash(const void *root_hash, size_t root_hash_len,
>                                 NULL,
>  #endif
>                                 VERIFYING_UNSPECIFIED_SIGNATURE, NULL, NULL);
> +#ifdef CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_PLATFORM_KEYRING
> +       if (ret == -ENOKEY)
> +               ret = verify_pkcs7_signature(root_hash, root_hash_len, sig_data,
> +                                       sig_len,
> +                                       VERIFY_USE_PLATFORM_KEYRING,
> +                                       VERIFYING_UNSPECIFIED_SIGNATURE, NULL, NULL);
> +#endif
>
>         return ret;
>  }

Gentle ping. Anything I can do to help move this patch forward? It
fixes a gap in our dm-verity story that I'd really like to see sorted
for the next release. We will use this in systemd, among other things.
Thanks!